OK. Good points ;o)
Thanks for the quick response.
Any chance for the other two suggestions?
As for IDS; I've followed the discussions about SNORT. I don't have any
programming skills (or BSD experience for that matter). So I'll wait and see
if anyone can successfully implement it without too much of a performance
hit.
Since SNORT logs should go to another PC anyway, Chad's suggestion about
running it off m0n0wall and just sniffing an interface bridged to WAN might
be the most effective solution.
Has anyone tried this solution?
/Martin
-----Original Message-----
From: Manuel Kasper [mailto:mk at neon1 dot net]
Subject: Re: [m0n0wall] Minor typo on DHCP-page?
On 29.11.2003, at 11:53, Martin Holst wrote:
> It looks like you forgot to correct the default and max lease times on the
> DHCP-page, when you increased them in pb20.
> (Still says that default lease is 600 and max is 7200)
Whoops... Fixed now. :) Thanks!
> I know you are busy but I have to ask: Any chance of IDS being implemented
> in the near future?
> I am sure that IDS is an important feature to a lot of people.
Mmmh I'm one of those people who believe that IDS isn't something that
should be implemented in m0n0wall for these reasons:
- it would bloat the system
- not sure if IDS on the firewall itself is a good idea
- not sure if embedded platforms like the net45xx would even be able to
handle the load well
- no persistent storage
- I personally dislike the idea of IDS
So I don't think we'll see IDS in m0n0wall (at least the official
image) anytime soon, sorry.
- Manuel